mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-21 00:12:58 +02:00
c2e008880c
Hi, Excerpts from official announcement: "This version fixes CVE-2018-0494 (Cookie injection vulnerability) found by Harry Sintonen. This version fixes several issues, mostly found by OSS-Fuzz. It also introduces TLS1.3 with OpenSSL, a new option --ciphers and updates the CSS grammar to version 2.2. ... Noteworthy changes: * Fix cookie injection (CVE-2018-0494) * Enable TLS1.3 with recent OpenSSL environment * New option --ciphers to set GnuTLS / OpenSSL ciphers directly * Updated CSS grammar to CSS 2.2 * Fixed several memleaks found by OSS-Fuzz * Fixed several buffer overflows found by OSS-Fuzz * Fixed several integer overflows found by OSS-Fuzz * Several minor bug fixes" Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
3.1 KiB
3.1 KiB